Renovate #42229
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Renovate | |
| on: | |
| workflow_dispatch: | |
| schedule: | |
| - cron: "0 */2 * * *" | |
| concurrency: | |
| group: renovate-main | |
| cancel-in-progress: true | |
| permissions: | |
| contents: read | |
| env: | |
| RENOVATE_VERSION: "43.63.0" | |
| jobs: | |
| renovate: | |
| runs-on: ubicloud-standard-4 | |
| timeout-minutes: 180 | |
| steps: | |
| - name: Generate GitHub App token | |
| id: app-token | |
| uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3 | |
| with: | |
| app-id: ${{ secrets.CQ_APP_ID }} | |
| private-key: ${{ secrets.CQ_APP_PRIVATE_KEY }} | |
| owner: ${{ github.repository_owner }} | |
| permission-contents: write | |
| permission-pull-requests: write | |
| permission-checks: write | |
| permission-statuses: write | |
| permission-issues: write | |
| permission-workflows: write | |
| permission-administration: read | |
| permission-vulnerability-alerts: read | |
| - name: Checkout | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 | |
| - name: Renovate cache | |
| uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5 | |
| with: | |
| path: /tmp/renovate/cache/renovate/repository | |
| key: renovate-cache-${{ env.RENOVATE_VERSION }}-${{ github.run_id }} | |
| restore-keys: | | |
| renovate-cache-${{ env.RENOVATE_VERSION }}- | |
| - name: Fix cache permissions | |
| run: | | |
| # The permissions expected within renovate's docker container (uid 12021) | |
| # are different than the ones given after the cache is restored. | |
| # See https://github.com/renovatebot/github-action#persisting-the-repository-cache | |
| sudo mkdir -p /tmp/renovate/cache/renovate/repository | |
| sudo chown -R 12021:0 /tmp/renovate/ | |
| - name: Self-hosted Renovate | |
| uses: renovatebot/github-action@0b17c4eb901eca44d018fb25744a50a74b2042df # v46.1.4 | |
| with: | |
| renovate-version: ${{ env.RENOVATE_VERSION }} | |
| configurationFile: .github/self-hosted-renovate.js | |
| token: ${{ steps.app-token.outputs.token }} | |
| env: | |
| RENOVATE_GITHUB_ACTOR: ${{ github.actor }} | |
| RENOVATE_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |